Today, the Obama administration released the president's Cybersecurity National Action Plan (CNAP), a set of executive actions and budget requests that seeks to fix federal agencies' information security woes. The plan aims to spur broader efforts to protect citizens' privacy and the security of the nation's businesses and infrastructure from criminals and other threats. And it starts off by creating a commission to figure out how to do that.
The Federal government's information security posture, as demonstrated by the Office of Personnel Management breach last year, is at best antiquated and at worst horrific in its inadequacy. The CNAP looks to rapidly infuse money into efforts to modernize the decrepit information security systems at agencies such as the Social Security Administration, which as President Obama wrote in an op-ed piece published today by the Wall Street Journal, "uses systems and code from the 1960s. No successful business could operate this way.”
To make the fixes, the Obama administration is asking for over $19 billion in spending scattered across the proposed 2017 budget and is making a number of immediate moves that require funding now—$3.1 billion for an Information Technology Modernization Fund and to pay a new Federal Chief Information Security Officer (with a salary of between $123,175 and $185,100 a year, Top Secret/SCI clearance required—apply by February 26 if interested).